juaromu / wazuh-misp
☆14Updated last year
Related projects: ⓘ
- ☆32Updated last year
- ☆17Updated 2 years ago
- ☆13Updated 2 years ago
- Wazuh integration TheHive☆30Updated last year
- Convert Sigma rules to Wazuh rules☆55Updated 5 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆37Updated 4 months ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆17Updated 3 years ago
- Personal scripts☆12Updated last week
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆66Updated last year
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆60Updated 3 years ago
- Tools for Wazuh by Juan C. Tello☆14Updated 2 years ago
- ☆17Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Cybersecurity Incident Response Plan☆86Updated 3 years ago
- Incident Response Plan for all major incidents including cheatsheets for both linux and windows☆13Updated 4 years ago
- Useful scripts for those administering Wazuh☆68Updated 3 weeks ago
- ☆30Updated 2 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- Incident Response Network Tools☆22Updated 3 years ago
- ☆34Updated 3 years ago
- SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…☆28Updated 2 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆64Updated 6 years ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆83Updated 2 years ago
- ☆51Updated 3 years ago
- Run zeek with zeekctl in docker☆46Updated last week
- This repository contains Splunk queries to hunt some anomalies☆38Updated 2 years ago
- Import CrowdStrike Threat Intelligence into your instance of MISP☆40Updated this week